SHA-256 (2024)

Overview

SHA-256 is a member of the SHA-2 family of cryptographic hash functions designed by the NSA. It generates an almost-unique 256-bit (32-byte) signature for a given text input. SHA stands for "Secure Hash Algorithm." Hashing algorithms are mathematical functions that condense data to a fixed size. Many hashing algorithms exist for various purposes; SHA algorithms are used for cryptographic security. Cryptographic hash algorithms produce irreversible and almost unique hashes. Irreversible means that if you only had the hash, you couldn't use it to work out what the original data was, so the original data remains secure and unknown. Almost unique means that two different pieces of data are extremely unlikely to produce the same hash.

Part of the SHA-2 group of hash algorithms first created by the NSA in 2001 as a successor to SHA-1, SHA-256 is a patented cryptographic hash function. The patent (US6829355B2) for the SHA-256 algorithm was filed by the NSA on March 5th, 2001, listing Glenn M Lilly as the inventor. The patent was granted and published on December 7th, 2004.

From 2011 to 2015, SHA-1 was the primary algorithm used for SSL certificates. Growing research showing the weaknesses of SHA-1 prompted a re-evaluation, and from 2016 onward SHA-2 has been the new standard. Since August 5th, 2015, NIST policy on hash functions recommends that application and protocol designers implement SHA-256 at a minimum for any applications of hash functions requiring interoperability.

SHA-256 has not yet been compromised in any way. Its 256-bit output size makes it a good partner function for AES. It is defined in the NIST (National Institute of Standards and Technology) standard ‘FIPS 180-4’. NIST also provides a number of test vectors to verify the correctness of an implementation.

Process

The SHA-256 algorithm can be separated into five sections.

Padding bits

Extra bits are added to the message, such that the length is exactly 64 bits short of a multiple of 512. During the addition, the first bit should be one, and the rest of it should be filled with zeroes.

Padding length

Next, 64 bits are added to make the final plaintext a multiple of 512. These 64 bits hold the length of the original cleartext, without the padding, reduced modulo 2^64.

[Figure: Padding of the original message in the SHA-256 algorithm.]

Initializing the buffers

The default values for eight buffers and 64 different keys in an array (K[0] to K[63]) are initialized.

Compression functions

The algorithm breaks down the entire message into multiple blocks of 512 bits each. It puts each block through 64 rounds of operation, with the output of each block serving as the input for the following block.

[Figure: Representation of the SHA-256 algorithm.]

The value of K[i] for each round is pre-initialized. W[i] is another input calculated individually for each block, depending on the number of iterations being processed at the moment.

Output

With each iteration, the final output of the block serves as the input for the next block. The entire cycle repeats until you reach the last 512-bit block, and the final hash digest is output. This digest is 256 bits long, as per the name of the algorithm.

Security

The security of the SHA-256 algorithm is partially dependent on how collision resistant it is, where collision resistance is a probability measurement for two different data inputs to produce the same hash output (i.e. collide with each other). Every hash function with more inputs than outputs will necessarily have collisions. SHA-256 produces 256 bits of output from an arbitrarily large input. Since it must generate one of 2^256 outputs for each member of a much larger set of inputs, the pigeonhole principle guarantees that some inputs will hash to the same output. However, the larger the number of possible hashes, the smaller the chance that two values will create the same hash.

The following are three key properties defining the security of SHA-256:

  1. With 2^256 possible outputs it is almost impossible to reconstruct the initial data from the hash value. Brute-force attacks would need to make 2^256 attempts to generate the initial data.
  2. Having two messages with the same hash value is extremely unlikely (high collision resistance).
  3. Minor changes to the original data alter the hash value so significantly that it is not apparent the new hash value is derived from similar data (known as the avalanche effect).
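The avalanche effect and the pigeonhole argument can both be measured with the standard library's hashlib. This is an added example, not part of the original article; the function names and sample messages are constructed for illustration, and the collision search runs only against a deliberately shortened digest to show why the full 256-bit output matters.

```python
import hashlib

def hamming_bits(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def mean_avalanche(msg: bytes) -> float:
    """Flip each input bit in turn; return the average number of the
    256 digest bits that change (about half is the ideal)."""
    base = hashlib.sha256(msg).digest()
    total = 0
    for bit in range(len(msg) * 8):
        flipped = bytearray(msg)
        flipped[bit // 8] ^= 1 << (bit % 8)
        total += hamming_bits(base, hashlib.sha256(bytes(flipped)).digest())
    return total / (len(msg) * 8)

def truncated_collision(bits: int):
    """Find two distinct inputs whose digests agree on the first `bits` bits.
    With only 2**bits possible prefixes, the pigeonhole principle forces a
    repeat within 2**bits + 1 inputs; in practice one appears after roughly
    2**(bits / 2) tries."""
    seen = {}
    tries = 0
    while True:
        msg = b"msg-%d" % tries          # constructed sample inputs
        tries += 1
        prefix = int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - bits)
        if prefix in seen:
            return seen[prefix], msg, tries
        seen[prefix] = msg

if __name__ == "__main__":
    print("mean bits changed:", mean_avalanche(b"constructed sample message, 32 B"))
    m1, m2, tries = truncated_collision(24)
    print(m1, m2, "agree on 24 bits after", tries, "tries")
```

A 24-bit prefix collides after a few thousand inputs; each extra bit of digest length raises that expected effort by a factor of about 1.41, which is what puts the full 256-bit digest out of reach.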

Applications

SHA-256 is commonly used to authenticate digital certificates, such as SSL certificates that ensure a secure link between a website and web browsers. SHA-256 is also the cryptographic hash function used for Bitcoin's Proof of Work mining and in the creation of Bitcoin addresses. SHA-256 is also used in other popular authentication and encryption protocols, including TLS, IPsec, SSH, and PGP. In Unix and Linux.

Article information

Author: Frankie Dare
